Nathalie is a Data Protection and Cyber Security Partner in the Commercial Services team at Addleshaw Goddard's London office. She is a well-known and trusted adviser in the global privacy and data protection world, who brings 20 years of experience and extensive knowledge to clients across sectors and jurisdictions.
Nathalie’s practice encompasses the full range of Data Protection, e-Privacy and Cyber Security issues including global data protection audits and compliance implementation programmes, policies, data processing/sharing arrangements, vendor management, privacy impact assessments, privacy by design, marketing permissions, data collection and commercial exploitation, data subject rights and FOIA request.
She regularly provides strategic advice in relation to multi-jurisdictional data transfers including EU/US Privacy Shield; intra-group data sharing arrangements as well as in relation to conflicts between different applicable privacy laws (e.g. GDPR, CCPA in the US, laws in China, Russia, etc.).
Nathalie also advises on cybersecurity matters ranging from data breach response, forensic investigations and remediation, to system infrastructure and network security, the NIS Directive, data governance and security standards.
Having worked at the European Commission in Brussels and the World Bank in Washington DC, she combines strong regulatory expertise with commercially pragmatic solutions when it comes to representing clients subject to investigations or enforcement proceedings before the Information Commissioner in the UK, the CNIL in France, the EU Supervisory Authorities or the EDPB.
Nathalie also regularly advises on a wide range of technology related agreements, EU digital media, commercial contracts and consumer protection issues.
Her clients are drawn from a wide range of data rich industry sectors, including Technology, Healthcare & Life Sciences, Hospitality, Retail & Consumer, Advertising and Marketing, Automotive, Financial Services, Media and Publishing.
She contributes regularly to newspapers and specialist legal publications, and participates in many industry/sector groups. She is a regular speaker at international privacy and data security conferences. Nathalie is a dual qualified lawyer in the UK and in France.
Nathalie's recent experience includes advising:
- An international health technology provider on patient information and confidentiality in connection with the roll out of their pharmacy management software in the EU, and assisting with investigations from EU Supervisory Authorities in the context of a data security breach.
- a number of global hospitality management and real estate groups on GDPR global audits and compliance programmes, including on vendor management
- a global publisher on strategic data sharing and data transfer agreements, PECR compliance and marketing permissions and contractual data arrangements with business alliance partners
- adtech vendors on transatlantic data privacy issues and in particular compliance with the GDPR and the CCPA in the online advertising ecosystem
- a large multinational gaming operator on its intra group data sharing arrangements as well as Brexit implications.
- UK's journey to EU Adequacy Post Brexit - view here >
- Covid-19: A practical guide to Data Protection practices in workplace testing in the UK - France - Germany published 8 June 2020 - view here >
- Coronavirus and Contact Tracing Apps: Global Privacy Perspective, AG Insights published on 4 May 2020 - view here >
- The rise of big tech monetising healthcare data, Comments in Information Age published on 24 February 2020
- What will Google’s healthcare expansion mean for UK data protection? Comments in Techworld published on 10 January 2020
- International Data Transfers - view here >
- A Guide to Good Practice for Digital and Data Driven Health Technologies - view here >
- Upcoming events & webinars
- French - fluent
- Spanish - fluent
- Russian - basic
- Italian - basic
- Professional Memberships
- Solicitor of the Law Society of England and Wales
- Avocate, Ordre des Avocats de Paris (French Bar)
- Certified Information Privacy Professional/Europe (CIPP/E), International Association of Privacy Professionals (IAPP)
- The Future of Privacy Forum
- TechUK Data Protection Group
- Society of Computers & Law (SCL)